local

Stuff posted in this site by me.

Rust: move fast and break people’s wallets

Rewrite-it-in-Rust has become a moral imperative. Well, here’s a moral argument: throwing away serviceable computers every couple of years to upgrade is a privilege that not all of your users have, contributes to climate change, and fills up landfills. As far as security is concerned, some matters demand leaving the norm: old hardware is the only kind that can avoid proprietary firmware blobs, Intel ME or AMD PSP, and UEFI. Novel hardware which addresses issues like microcode and open hardware, like POWER9 and RISC-V, are also suffering under Rust’s mainstream-or-bust regime. Anyone left behind is forced to use the legacy C codebase you’ve abandoned, which is much worse for their security than the hypothetical bugs you’re trying to save them from.

Source: Drew DeVault’s blog

As someone who almost exclusively uses older hardware I am extremely annoyed by developers and system administrators who tell me I need to switch out my hardware every 3 to 5 years for the sake of convenience. It’s a very entitled position to take and it got me annoyed enough to go on a little twitter rant about it. If your old hardware works it should be used for as long as possible. You don’t need a server with an AMD Epyc CPU with 1 TB RAM and multipe SSDs with ZFS to… run a simple WordPress blog like this one.

I certainly don’t have the money to develop software in Rust-recommended hardware, which can also double as gaming hardware with the addition of a nice GPU.

How about a memory safe language that can run on “old” or “slow” hardware of the sort that is most often used outside of the US and Europe? If you were to listen to these people they’ll tell you it can’t be done.

Rust: move fast and break people’s wallets Read More »

Wish for quiet toys

About a month ago we picked up at work a SuperMicro X9SCM-F in a 4U rackable case; we didn’t know who the case maker was until @thegpfury noticed it was a Norco case.

SuperMicro X9SCM-F
SuperMicro X9SCM-F
SuperMicro X9SCM-F
SuperMicro X9SCM-F
SuperMicro X9SCM-F

This is all well and good but we had a major problem for usage: The noise! This being enterprise hardware no consideration was made for acoustics since the device would live in a datacenter but in my case we want to use it at home.

This is what it sounds with all the fans on (NBM-MAT case fans, the lot of them):

Norco DS-24H

Super loud. Like a 70s VW Bug that has had zero maintenance.

So then I tried with only the fans in the back:

Norco DS-24H

And finally with only the CPU fan

Norco DS-24H

At this point it was clear all the fans were buggered to hell. With them all being 80x80x25 it turned out Noctua do have great replacements available; for the backplane I got NF-R8 redux-1200 and for the read I got the NF-R8 redux-1800 PWM so the motherboard can control the speed on them. The power supply is still fully functional and with it being a Corsair AX760 we know we don’t have to worry about the noise coming from it.

This is how it sounds with two backplane fans and both back fans installed:

Norco DS-24H
Much, much better! So quiet very stealth!!!

For the time being it should be okay to run it with just these fans; the apartment is kind of cold and the additional cooling will not be needed until the summer, by which point the thing will probably get upgraded storage. If only more manufacturers had in consideration the acoustics of their devices; there’s an HP ProLiant DL160 G6 laying around that is also loud as fuck but there’s no clear path to making it quieter; I know 1U devices don’t have the most space but even 2U devices are still loud as hell when they can be much improved.

Perhaps a 2U system with quiet fans and good gaming hardware, mounted under a desk top. That’d be nice. Like a Lack rack but for actual desk use. That’d be nice.

Wish for quiet toys Read More »

vim with rclone on MFA-enabled Nextcloud

I forgot that I enabled MFA on my Nextcloud instance and it broke rclone. This is something the Nextcloud documentation makes clear but neither the instance nor rclone itself will tell you what’s actually wrong or how to fix it.

First, on Nextcloud:

  1. Go to Settings › Security.
  2. Scroll down to the bottom. Enter something descriptive like “rclone” in the entry box, then click Generate App Password.
  3. Nextcloud will display an application-specific password. Leave the screen here. Nextcloud will only display it the one time

You can always start over if you don’t copy it so depending on your password policies you might want to save it in your password manager.

Now, switch over to your shell:

  1. First, kill the current rclone mount: $ fusermount -u /home/nullrend/Nextcloud. Do not just kill the rclone job. Apparently the rclone devs think it’s too hard to implement a rclone umount /mount/dir command or sum’thin’.
  2. Do $ rclone config and delete the current Nextcloud remote endpoint. Much easier to start from scratch.
  3. When you get to the password entry, enter the password given to you by Nextcloud.
  4. Finish the process.

At this point you can save the password on Nextcloud so it actually allows rclone to connect through WebDAV.

To mount the new remote endpoint do something like $ rclone mount endpoint:/ ~/Nextcloud --daemon --dir-cache-time 120m --max-read-ahead 256 --no-modtime --vfs-cache-mode full --vfs-cache-poll-interval 120m. You will need to play with the caching flags depending on what you’re doing and what your needs are.

For my own use case I’m mostly using vim to interact with my vimwiki files so I also often do :set noswapfile to stop vim from bitching about files that are likely open elsewhere.

vim with rclone on MFA-enabled Nextcloud Read More »

Migración de alto calibre

NOGALES, Mexico — North of the border, the .50-caliber sniper rifle is the stuff of YouTube celebrity, shown blasting through engine blocks and concrete walls. Deployed with U.S. troops to foreign wars, it is among the most destructive weapons legally available in the United States.But every week, those rifles are trafficked across the border to Mexico, where increasingly militarized drug cartels now command arsenals that rival the weaponry of the country’s security forces. In many cases, criminals outgun police.

Source: Mexico guns: Sniper rifles are flowing to Mexican drug cartels from the U.S. – Washington Post

Los carteles todavía no se animan a realizar asesinatos tácticos de una bala, prefiriendo mostrar sus poderío enviando comandos armados.

Pero para allá van.

Migración de alto calibre Read More »

For want of a nail…

‘k, so in a previous post I wrote how I reworked my note-taking and went back to plain text. I had to make a few changes since then:

  • I couldn’t take the atrocious UI of Epsilon Notes any longer. Fucken’a. I just accessed my notes directly through the Nextcloud app and that worked well enough.
  • Vimwiki is working quite nicely, just wish it didn’t fuck with the filetype highlighting but the built-in works well enough. Better concealment of links would be nice too.

Switched out Epsilon for Markor, which is prettier and less of a pain in the ass. But trying to set it up is when I started running into an issue with Nextcloud:

It does not support bidirectional folder sync. At all.

The way Nextcloud syncs everything means you have to access your files through the Nextcloud app instead of being able to use your usual app to open a file. It’s not that much of a change but it does prove annoying because that change is forced on you by the application instead of you (the user) adjusting your workflow organically. People have been requesting this ability since 2016 and the app still doesn’t have it.

When I was using Dropbox as my syncing backend my workflow would be like this:

  1. Mark KeePass file as a favorite in Dropbox.
  2. Dropbox syncs the file to all devices so it’s available through the filesystem itself.
  3. As the file is now stored in a local filesystem you can now navigate to it as you usually would:
    • On desktop you can use a file manager to view the file and open it. Alternatively you can use KeePass to navigate to the file and open it.
    • On Android you can open your keepass app, navigate to the database file, and open it.
    • On iOS the same flow as Android applies.
  4. Should the file change Dropbox will sync it silently in the background to all devices. Password applications will notice the change and ask if you want to reload.

With Nextcloud it goes something like this:

  1. Mark KeePass file as a favorite in Nextcloud.
  2. Nextcloud will sync the file to desktop clients but only mark it as a favorite in mobile devices.
  3. You now have a split flow as the file will be available through the local filesystem on desktop but not on mobile:
    • On desktop you use a file manager, or use KeePass itself. Same UX as you would in Dropbox.
    • On Android you need to open the Nextcloud app, navigate to the database file and the OS will recognize the filetype and open it. You can’t use your password app directly as the file does not exist in any local filesystem. When Android terminates your password app and you then have to reload the file through the Nextcloud app.
    • On iOS it looks like you can select which folders to sync to local filesystem. I haven’t tried using the iOS app myself but if someone can confirm this is the behavior it’d be awesome.
  4. Should the file change Nextcloud will sync it silently in the background but behavior will vary depending on platform:
    • Desktop: File is available through local filesystem. Password applications will notice the change and ask if you want to reload.
    • Android: You go through the Nextcloud app, same as before. Trying to use a password app will result in the app telling you the file doesn’t exist, so you then have to go through the Nextcloud app.
    • iOS: I’m not sure what the behavior is. I’d assume it’s the same as on desktop.

To replicate the default desktop behavior (syncing to local filesystem) you end up having to use other apps like FolderSync. This way files and folders are available just like any other file on the Android device, letting you use automation or customization apps without issues, and saving you from having to configure syncronization settings for each app. Looking at you, Joplin.

My suspicion is Nextcloud developers are doing it this way to increase your awareness of the brand and the application, following the footsteps of Dropbox. For the longest time Dropbox was a rock-solid syncing application that did one thing and it did it really well, but now they’re trying to force changes nobody likes in an effort to make more money.

If this is indeed the case Nextcloud developers are learning all the wrong lessons from Dropbox’ failure to understand what it had. Instead of strenghtening its core they’re throwing a million other things at the wall to see what sticks:

  • Talk: Chat server, basically. There’s already plenty of those already available and I don’t see them supplanting IRC, Discord, or Slack. Ever. Nevermind Zoom or Jitsi.
  • Deck: Project management? There are better apps for that that are easier to configure, manage and secure.
  • Notes: There are a myriad note taking applications out there that work better. I don’t need yet another one.
  • Passwords: Again, there are better alternatives: KeePass, 1Password, LastPass.

Nextcloud has a chance to do that one thing well and do it better than Dropbox ever did— that is, file syncing. I feel they’re consciously choosing to throw it away because they want to get a bit more clout and a bit more money. If they keep at it they’re going to end up like Mozilla.

For want of a nail… Read More »

Organize album order in Flickr

I like Flickr. I have been a paying user for years, since the heady days of Web 2.0. Very photo, so web.

But their documentation fucking sucks. It went down in quality when Yahoo took over, and SmugMug isn’t doing much better. But anyway.

Here’s how to reorganize the order in which albums in the Flickr mobile app show up:

  1. Log in to Flickr on the web
  2. Go to the Albums & Collections section of the Organizr.
  3. At the top of the page make sure Viewing: All Albums is selected.
    Flickr Album Organizr
  4. On the right panel order the albums whichever way you want.

Making this change will have effect in two places:
– The Albums page on the web
Flickr Album page on website

  • The Albums page in the mobile App.
    Flickr Album page on Android mobile app

Neither the Flickr Help Center nor the Help Forum have any posts about this. Now, I’m using the Android app but I assume the iOS-based versions will also follow the ordering set in the Organizr panel.

I wish Flickr enabled a few things:
– Sorting by album metadata (alphabetically, album creation date)
– Sorting by picture metadata (make bigger/smaller albums show up first/last). This would include sorting by last album upload, so albums used the most get shown first.
– Make Collections a first-class citizen on the site. They’ve been relegated as a little used organization tool that no one uses and when it does get used it isn’t showcased.

Flickr has so much to win now that Instagram is being integrated ever more into facebook’s grubby infrastructure.

Organize album order in Flickr Read More »

Hoist the flag

Pirate Care is a research process – primarily based in the transnational European space – that maps the increasingly present forms of activism at the intersection of “care” and “piracy”, which in new and interesting ways are trying to intervene in one of the most important challenges of our time, that is, the ‘crisis of care’ in all its multiple and interconnected dimensions.

Source: Pirate Care – Pirate Care

This is a worthy goal. Piracy not for the sake of avoiding to pay for things, but rather as a way to learn about the world and its processes when the entities in power would prefer you not to— whether they be people, corporations, or governments. For these entities any form of non-compliance is to be crushed and its practitioners made customers of the carceral industry.

Hoist the flag Read More »

Got me a new hoodie too!

The Mississippi Park Connection says the U.S. Army Corps of Engineers will lower the water level on the river immediately below St. Anthony Falls so it can inspect the infrastructure that’s normally underwater.

Source: Rare chance to see what the Mississippi River in Minneapolis looked like before the dam – Bring Me The News

This looks to be special! I’m going to be right there freezing my ass off to see this.

Got me a new hoodie too! Read More »

JK you’ll be poor even if you attend

Schools often run deficits in normal times; in 2019, nearly 1,000 private colleges were already borderline insolvent. Covid will cause many to shutter for good. It is accounting, not epidemiology, that drives university administrators to push for a rapid return to business as usual, effectively demanding that faculty and staff sacrifice their lives for the financial health of their employer.

Source: The End of the University | The New Republic

You can attend college, the price is death.

Or you could not attend college, in which case the price is poverty.

JK you’ll be poor even if you attend Read More »

No change, no peace

As the historian Barry A. Crouch recounts in The Dance of Freedom, Ruby warned that the formerly enslaved were beset by the “fiendish lawlessness of the whites who murder and outrage the free people with the same indifference as displayed in the killing of snakes or other venomous reptiles,” and that “terrorism engendered by the brutal and murderous acts of the inhabitants, mostly rebels,” was preventing the freedmen from so much as building schools.

Source: What Black Lives Matter Has Accomplished – The Atlantic

The Orange Maggaot calls people who support BLM “thugs”, “criminals”, “terrorists”, saying he’ll impose Law and Order however necessary.

White people have always been the one to terrorize their communities, and those of people they don’t deem acceptable.

The cold cultural war heats up.

No change, no peace Read More »

Closing quickly, for that matter.

Social networks are universally more restrictive than web pages but also more fun in significant ways, chief amongst them being that more people can participate. What if the rest of the web have that simplicity and immediacy, but without the centralization? What if we could start over?

Source: A clean start for the web – macwright.com

Mozilla is knowingly walking away from any of these options because they’re bitter they could not come to dominate the Web after Firefox helped bring about the downfall of Internet Explorer. Big Tech will not support a reimagining of what the web could be since it will mean less profits. Can’t have that in a capitalist society, now can we?

There’s hope now that the Servo engine is cut loose, but the time window to avoid having a technological cycle (about 30 years or so) be dominated by corporations is closing.

Closing quickly, for that matter. Read More »

I’m not a predator looking for them either

This article suggests a few techniques for finding personal websites on the Internet.

Source: Hunting the Nearly-Invisible Personal Website

I’m here and I’m not being that quiet either.

It’s not that I’m invisible. It’s that we don’t even figure into the Peasant Internet anymore(1) even though there’s a lot of activity on the twitters, facebooks, and instagrams of this here planet.

(1) Peasant Internet: Those who surf the waves thinking they’re safe in the embrace of social media or corporate firewalls.

I’m not a predator looking for them either Read More »